Ordway Labs, Inc. (“Ordway,” “we,” “us,” “our”) are committed to protecting and respecting your privacy. Your continued use of this website (www.ordwaylabs.com) (the “Website”) and/or our services and your provision of any information to us indicates that you have read, understand and agree to the collection, use and disclosure of that information in accordance with this Privacy Policy (“Privacy Policy”).


For the purposes of the EU General Data Protection Regulation (2016/679) and the United Kingdom (UK) equivalent retained under the European Union (Withdrawal) Act 2018 (collectively the “GDPR”), the data controller of your personal information is Ordway Labs, Inc. with a registered address at 1707 L Street NW, Suite 850, Washington, DC 20036, USA. We can be contacted at contact@ordwaylabs.com.

 

This Privacy Policy will tell you:

  • What personal information about you is collected by us.
  • What we do with the personal information we collect, and our legal bases for this.
  • How long we will retain personal information about you.
  • How we may share personal information about you and who we may share it with.
  • Your rights in relation to our collection and use of your personal information.
  • How you can contact us for more details.

What information do we collect?


“Personal information” covered by this Privacy Policy is any information that enables us to identify you, directly or indirectly, and in particular by reference to an identifier such as your name, an identification number, location data, online identifier or one or more pieces of information about you. Where our customer is a company or other incorporated entity then we will collect personal data about its employees or agents that interact with us on the customer’s behalf and references to “you” or “customer” in this Privacy Policy should be read accordingly.


We have set out below some examples of common categories of personal information that we may collect.


Personal information collected from the customer.


We collect personal information if you contact us through our website, for example to request additional information from us. This information may include:

  • Your name;
  • Your company information;
  • Your mailing address;
  • Your e-mail address and phone number; and
  • Information about the device used to contact us, including your IP address.

Personal information may also include any other information you choose to provide to us in your communication.

If you engage us to provide services to you, we may request and you may provide the following information (through the Website, during the provision of our services or through other communication methods):

  • First and last name;
  • Company information;
  • Mailing address;
  • Username;
  • E-mail address;
  • IP Address;
  • Phone Number;
  • Customer information;
  • Product information;
  • Pricing, plan/tier, term, and billing information;
  • Payment information; and
  • Other information requested or provided through our services.

Personal information collected automatically.


We want you to be aware that certain tools exist to help us service and recognize you. For your convenience, to help us personalize your experience or better serve your needs, we may, with your permission, receive and store certain types of personal information when you visit our website. You may be familiar with the term “cookies”, which are unique alphanumeric identifiers. For more information about our practices in this area, please see our Cookie Policy here here www.ordwaylabs.com/cookie-policy.

Once information is collected, how is it used?


Use of Information


Generally, we use the personal information you provide us to provide the services for which such data was collected. You are not obliged to provide us with personal information, although if you do not provide us with the information that we require, we may be unable to enter into a contract with you, or perform services under such a contract.


We will only process personal information where we have a valid legal basis for doing so. Accordingly, we may use you or your customers’ personal information for a number of reasons including but not limited to the following:

Where using your personal information is necessary for the performance of a contract to which you are a party or in order to take steps at your request prior to entering into such a contract, for example:

  • to provide you with access to our services;
  • for service administration purposes, which means that we may contact you for reasons related to the service you have signed up for (e.g. to provide you with password reminders or to notify you regarding a particular service);
  • to contact you about a submission you have made to the website, including any content you provide; and/or
  • to issue invoices, administer accounts, collect and process payments for you and your customers.

Where using personal information is necessary for the purposes of our legitimate interests (or those of a third party) except where such interests are overridden by the data subjects’ fundamental rights and freedoms, for example:

  • To provide your employees or customers with access to our services and for contacting your employees or customers for service administration purposes;
  • where you are an existing individual customer who has chosen not to opt-out of direct marketing, or an employee of a business customer, we may use your personal information to send you e-mails, e-newsletters, personalized offers or other communications about our services;
  • to identify the number of visits to the Website (including via IP address logging) from different locations and also to block disruptive use for you and your customers;
  • to disclose specific information upon governmental request, to enforce our policies, or to protect our or others’ rights, property, or safety;
  • to analyze and improve the services we offer; and/or
  • to stop disruptive or abusive behavior by our users (e.g. the posting or transmission of offensive, inappropriate or objectionable content on the Website or to us).

On rare occasions it may be necessary for us to process your personal information in order to comply with a legal obligation, for example, in response to a court order or when otherwise required by law.


We may also process your personal information for other purposes where we have your express consent to do so.


We do not anticipate that we will routinely process special categories of personal data. However, where such processing does occur, we shall ensure that we have an additional legal basis for such processing, as required by the GDPR. By sending us any messages that include special category personal data, you are providing your express consent for us to process such data. Such consent can be withdrawn at any time. Please contact us for more information.


How long do we keep your personal information for?


We will keep your personal information for no longer than is necessary for the purpose for which it was originally collected. We may, however, retain and further use your personal information as necessary to comply with our legal obligations, to resolve disputes and enforce our rights, or if it is not technically and reasonably feasible to remove such personal information from our databases and systems.

Who do we share your personal information with?

We may share your personal information with companies assisting in fraud protection or investigation. We do not provide information to these agencies or companies for their marketing or commercial purposes. We may also share your personal information with other third parties, for example in the following circumstances:

Within our organizations and with Our Service Providers


We may share information we collect from all points of contact within our organization, including with our affiliated companies. The information you give us and information about you may be combined with other personally identifiable information available from our records and other sources. We may also share information with our service providers operating on our behalf to provide services to our customers (including but not limited to: third party payment processors, hosting providers, IT service providers, etc.).


On a Sale, Merger or other Fundamental Transaction

Should Ordway choose to sell or transfer business assets, or to otherwise engage in a merger, reorganization or other fundamental transaction, Ordway reserves the right to transfer any or all of the information we possess as part of that fundamental transaction or as part of any due diligence process and Ordway may, at its option, retain a copy of all information transferred.


Third Parties

Aside from the sharing set forth above, we will not share your personally identifiable information with any third parties. We may however share de-identified, aggregated or anonymous information that cannot identify you with third parties.


Links to Other Sites

The Website may offer links to other sites or allow the utilization of third party applications or services. Other sites, third party applications and services have their own terms of use and privacy and security policies. If you choose to visit one of these sites or utilize a third party application or service, you should review the policies that govern that particular site, application or service.


Information provided to third parties

This Privacy Policy applies to all personal information collected or submitted to us through the Website and during our the provision of our services. Other affiliated entities of ours may obtain information independently from transactions and experiences with you or from other sources. This Privacy Policy does not pertain to that information and we are not the data controllers in respect of such personal information.

International transfers

We have established an EEA based Amazon Web Services presence for the processing of our UK or EEA based customers’ information. However, aspects of our services involve the transfer of personal information to servers located and operated within the United States (e.g. our marketing activities). By using and accessing our Website and services, residents and citizens of countries and jurisdictions outside of the United States acknowledge that their personal information will be transferred to, and processed on, servers located in the United States.


The United States has not been deemed by the European Commission, or the UK Department for Digital, Culture, Media & Sport as providing an adequate level of protection for personal information originating from, or relating to individuals residing in, the European Economic Area (EEA) or the UK. As such, where necessary, we will ensure appropriate safeguards are in place (including by entering into approved standard contractual clauses) to protect any such personal data. For more information about this, or to obtain a copy of the appropriate safeguards we have implemented, please contact us.


How do we protect customer information?


We use industry standard physical, technical and administrative security measures and safeguards to protect the confidentiality and security of your personal information. However, since the Internet is not a 100% secure environment, we cannot guarantee, ensure, or warrant the security of any information you transmit to us. There is no guarantee that information may not be accessed, disclosed, altered, or destroyed by breach of any of our physical, technical, or managerial safeguards. It is your responsibility to protect the security of your login and related information.


What rights do you have in relation to our use of your personal information?

Your rights in relation to our use of your personal information vary depending on where you are based and the relevant data protection laws that apply.


Marketing communications
You can opt-out of receiving certain marketing communications from us at any time, by using the unsubscribe link in the email communications we send (if applicable), or by contacting us using the details contained in the “Questions and How to Contact Us” section at the end of this Privacy Policy. We may continue to send you non-promotional communications, like service-related emails.


European or UK residents.
If you are based in the EEA or the UK, then you have the following rights in relation to your personal information:

  • The right of access: You have the right to access copies of personal information we hold about you, as well as related information, including the information contained within this Privacy Policy.
  • The right of rectification: You have the right to have inaccurate personal information corrected.
  • The right of erasure: You have the right to request that personal information we hold about you is deleted.
  • The right to restrict processing: You have the right to request that we restrict the processing of your personal information.
  • The right of portability: You have the right to request that personal information processed by us by automated means is provided to you, or a third party, in a structured, commonly used, machine readable format.

Please note that the above rights are not absolute and there may be circumstances in which we can refuse to comply with a request to exercise them. To obtain more information regarding the above rights, or if you would like to exercise any of them, please contact our Customer Success team at contact@ordwaylabs.com.


If you are unhappy with our response to a request relating to the above rights, or data processing generally we ask that you contact us first so that we may seek to resolve the issue. However, you have the right to make a complaint to a supervisory authority such as the Information Commissioner’s Office in the UK.


COPPA (Children’s Online Privacy Protection Act)


To protect children’s personal information and to meet the standards of the Children’s Online Privacy Protection Act (COPPA), we do not knowingly collect any personal information from children under the age of 13. The Website and service is a general audience service for users 18 and older and is not geared toward children. If you are under the age of 18, you should not use this service or Website and should not submit any personal information to us. If you are a parent or guardian and you learn that your children have provided us with personal information, please contact us using the details contained in the “Questions and How to Contact Us” section at the end of this Privacy Policy.


Shine the Light

Under California’s “Shine the Light” law, California residents who provide personal information in obtaining products or services for personal, family or household use are entitled to request and obtain from us, once per calendar year, information about the customer information we shared, if any, with other businesses for their own direct marketing uses. If applicable, this information would include the categories of customer information and the names and addresses of those businesses with which we shared customer information for the immediately prior calendar year (e.g. requests made in 2017 will receive information regarding 2016 sharing activities).


To obtain this information from us, please send an email message to support@ordwaylabs.com with “Request for California Privacy Information” on the subject line and in the body of your message. We will provide the requested information to you at your email address in response. Not all information sharing is covered by the “Shine the Light” requirements and only information on covered sharing (if any) will be included in our response.


Do Not Track

At this time, the Website does not respond to “do not track” requests that may be available in your browser for letting websites know that you do not want them collecting certain types of information.


Questions and How to Contact Us


If you have any questions, concerns, complaints or suggestions regarding this Privacy Policy or otherwise need to contact us, please email us at contact@ordwaylabs.com.

Ordway Labs, Inc.
1707 L Street NW, Suite 850
Washington, DC 20036

contact@ordwaylabs.com 


Changes to this Privacy Policy


We may change or add to this Privacy Policy so we encourage you to review it periodically. If we believe any of our Policy changes are significant, we may (but are not required to) provide a more prominent notice as we deem appropriate.

Last updated: May 21, 2021